vvecna
/
troll-patrol


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279
							use crate::{
    bridge_verification_info::BridgeVerificationInfo, crypto::EciesCiphertext, get_date,
    BridgeDistributor, COUNTRY_CODES, MAX_BACKDATE,
};

use curve25519_dalek::scalar::Scalar;
use lox_library::{bridge_table::BridgeLine, cred::Lox};
use rand::RngCore;
use serde::{Deserialize, Serialize};
use sha1::{Digest, Sha1};
use sha3::Sha3_256;
use x25519_dalek::{PublicKey, StaticSecret};

#[derive(Debug, Serialize)]
pub enum NegativeReportError {
    DateInFuture,
    DateInPast,          // report is more than MAX_BACKDATE days old
    FailedToDecrypt,     // couldn't decrypt to SerializableNegativeReport
    FailedToDeserialize, // couldn't deserialize to NegativeReport
    InvalidCountryCode,
    MissingCountryCode,
}

/// A report that the user was unable to connect to the bridge
#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]
pub struct NegativeReport {
    /// hashed fingerprint (SHA-1 hash of 20-byte bridge ID)
    pub fingerprint: [u8; 20],

    /// user's country code
    pub country: String,

    /// today's Julian date
    pub date: u32,

    /// the bridge distributor, e.g., Lox, Https, or Moat
    pub distributor: BridgeDistributor,

    /// some way to prove knowledge of bridge
    bridge_pok: ProofOfBridgeKnowledge,

    /// a random nonce used in the bridge_pok
    pub nonce: [u8; 32],
}

impl NegativeReport {
    pub fn new(
        bridge_id: [u8; 20],
        bridge_pok: ProofOfBridgeKnowledge,
        country: String,
        date: u32,
        nonce: [u8; 32],
        distributor: BridgeDistributor,
    ) -> Self {
        let mut hasher = Sha1::new();
        hasher.update(bridge_id);
        let fingerprint: [u8; 20] = hasher.finalize().into();
        Self {
            fingerprint,
            bridge_pok,
            country,
            date,
            nonce,
            distributor,
        }
    }

    pub fn from_bridgeline(
        bridgeline: BridgeLine,
        country: String,
        distributor: BridgeDistributor,
    ) -> Self {
        let date = get_date();
        let mut rng = rand::thread_rng();
        let mut nonce = [0; 32];
        rng.fill_bytes(&mut nonce);
        let bridge_pok = ProofOfBridgeKnowledge::HashOfBridgeLine(HashOfBridgeLine::new(
            &bridgeline,
            date,
            nonce,
        ));
        Self::new(
            bridgeline.fingerprint,
            bridge_pok,
            country,
            date,
            nonce,
            distributor,
        )
    }

    pub fn from_lox_bucket(bridge_id: [u8; 20], bucket: Scalar, country: String) -> Self {
        let date = get_date();
        let mut rng = rand::thread_rng();
        let mut nonce = [0; 32];
        rng.fill_bytes(&mut nonce);
        let bridge_pok =
            ProofOfBridgeKnowledge::HashOfBucket(HashOfBucket::new(&bucket, date, nonce));
        Self::new(
            bridge_id,
            bridge_pok,
            country,
            date,
            nonce,
            BridgeDistributor::Lox,
        )
    }

    pub fn from_lox_credential(bridge_id: [u8; 20], cred: &Lox, country: String) -> Self {
        NegativeReport::from_lox_bucket(bridge_id, cred.bucket, country)
    }

    pub fn encrypt(self, server_pub: &PublicKey) -> EncryptedNegativeReport {
        EncryptedNegativeReport {
            date: self.date,
            ciphertext: EciesCiphertext::encrypt(
                &bincode::serialize(&self.to_serializable_report()).unwrap(),
                server_pub,
            )
            .unwrap(),
        }
    }

    /// Convert report to a serializable version
    pub fn to_serializable_report(self) -> SerializableNegativeReport {
        SerializableNegativeReport {
            fingerprint: self.fingerprint,
            bridge_pok: self.bridge_pok,
            country: self.country,
            date: self.date,
            nonce: self.nonce,
            distributor: self.distributor,
        }
    }

    /// Serializes the report, eliding the underlying process
    pub fn to_json(self) -> String {
        serde_json::to_string(&self.to_serializable_report()).unwrap()
    }

    /// Deserializes the report, eliding the underlying process
    pub fn from_json(str: String) -> Result<Self, NegativeReportError> {
        match serde_json::from_str::<SerializableNegativeReport>(&str) {
            Ok(v) => v.to_report(),
            Err(_) => Err(NegativeReportError::FailedToDeserialize),
        }
    }

    /// Deserializes the report from slice, eliding the underlying process
    pub fn from_slice(slice: &[u8]) -> Result<Self, NegativeReportError> {
        match serde_json::from_slice::<SerializableNegativeReport>(slice) {
            Ok(v) => v.to_report(),
            Err(_) => Err(NegativeReportError::FailedToDeserialize),
        }
    }

    /// Verify the report
    pub fn verify(self, bridge_info: &BridgeVerificationInfo) -> bool {
        match self.bridge_pok {
            ProofOfBridgeKnowledge::HashOfBridgeLine(pok) => {
                let hash = HashOfBridgeLine::new(&bridge_info.bridge_line, self.date, self.nonce);
                hash == pok
            }
            ProofOfBridgeKnowledge::HashOfBucket(pok) => {
                for b in &bridge_info.buckets {
                    let hash = HashOfBucket::new(b, self.date, self.nonce);
                    if hash == pok {
                        return true;
                    }
                }
                false
            }
        }
    }
}

/// (De)serializable negative report object which must be consumed by the
/// checking function before it can be used
#[derive(Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
pub struct SerializableNegativeReport {
    pub fingerprint: [u8; 20],
    pub country: String,
    pub date: u32,
    pub distributor: BridgeDistributor,
    bridge_pok: ProofOfBridgeKnowledge,
    pub nonce: [u8; 32],
}

impl SerializableNegativeReport {
    pub fn to_report(self) -> Result<NegativeReport, NegativeReportError> {
        if self.country.is_empty() {
            return Err(NegativeReportError::MissingCountryCode);
        }
        if !COUNTRY_CODES.contains(self.country.as_str()) {
            return Err(NegativeReportError::InvalidCountryCode);
        }
        let date = get_date();
        if self.date > date {
            return Err(NegativeReportError::DateInFuture);
        }
        if self.date < date - MAX_BACKDATE {
            return Err(NegativeReportError::DateInPast);
        }
        Ok(NegativeReport {
            fingerprint: self.fingerprint,
            bridge_pok: self.bridge_pok,
            country: self.country.to_string(),
            date: self.date,
            nonce: self.nonce,
            distributor: self.distributor,
        })
    }
}

/// Negative reports should be sent encrypted. This struct provides an
/// encrypted serializable negative report.
#[derive(Serialize, Deserialize)]
pub struct EncryptedNegativeReport {
    /// The date field in the report. This is used to determine which key to use
    /// to decrypt the report.
    pub date: u32,
    ciphertext: EciesCiphertext,
}

impl EncryptedNegativeReport {
    pub fn decrypt(self, secret: &StaticSecret) -> Result<NegativeReport, NegativeReportError> {
        match self.ciphertext.decrypt(secret) {
            Ok(m) => match bincode::deserialize::<SerializableNegativeReport>(&m) {
                Ok(ser_report) => ser_report.to_report(),
                Err(_) => Err(NegativeReportError::FailedToDeserialize),
            },
            Err(_) => Err(NegativeReportError::FailedToDecrypt),
        }
    }
}

/// Proof that the user knows (and should be able to access) a given bridge
#[derive(Debug, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
pub enum ProofOfBridgeKnowledge {
    /// Hash of bridge line as proof of knowledge of bridge line
    HashOfBridgeLine(HashOfBridgeLine),

    /// Hash of bucket ID for Lox user
    HashOfBucket(HashOfBucket),
}

/// Hash of bridge line to prove knowledge of that bridge
#[derive(Debug, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
pub struct HashOfBridgeLine {
    hash: [u8; 32],
}

impl HashOfBridgeLine {
    pub fn new(bl: &BridgeLine, date: u32, nonce: [u8; 32]) -> Self {
        let mut hasher = Sha3_256::new();
        hasher.update(date.to_le_bytes());
        hasher.update(nonce);
        hasher.update(bincode::serialize(&bl).unwrap());
        let hash: [u8; 32] = hasher.finalize().into();
        Self { hash }
    }
}

/// Hash of bucket ID to prove knowledge of bridges in that bucket
#[derive(Debug, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
pub struct HashOfBucket {
    hash: [u8; 32],
}

impl HashOfBucket {
    pub fn new(bucket: &Scalar, date: u32, nonce: [u8; 32]) -> Self {
        let mut hasher = Sha3_256::new();
        hasher.update(date.to_le_bytes());
        hasher.update(nonce);
        hasher.update(bucket.to_bytes());
        let hash: [u8; 32] = hasher.finalize().into();
        Self { hash }
    }
}